Working authentication credentials are required by OmniCenter for every device on your network that you wish to monitor.
The Device Discovery Wizard
Your first opportunity to provide authentication credentials for your devices comes when OmniCenter is first run. After you are taken through the initial OmniCenter Setup Wizard, the Device Discovery Wizard will start. In the System Authentication section of the wizard, you will be asked to provide any SNMP community strings required to access your devices, as well as the credentials for a Windows service account. (If you don’t want to use an administrator-based service account for Windows monitoring, see How to Create Non-Administrator-Based Service Accounts in Windows.)
When the wizard is complete, OmniCenter then begins a scan of your network and looks for devices it can manage.
As OmniCenter discovers devices that are candidates to be monitored, it test communicates with these devices (via SNMP and Windows networking) using all of the credentials provided in the Device Discovery Wizard, in the order in which they are provided. (Later, as part of OmniCenter’s regularly scheduled device discovery scans, any additional credentials provided in user-configured device templates will also be tried.)
If any of the credentials work for a given device, and OmniCenter can identify that device as a type of device that is manageable, the device is added to OmniCenter. If OmniCenter is not able to successfully authenticate with a device, that device will not be added to OmniCenter.
OmniCenter Device Templates
Your next opportunity to provide authentication credentials for your devices comes from OmniCenter’s device templates. Device templates are a way to simultaneously apply standardized configuration settings to any number of devices managed by OmniCenter. Devices may have multiple device templates applied to them in a strict hierarchy. (See Device Templates for more information about device templates and how they work.)
All device templates include an Authentication Credentials section. Any credentials entered into this section will be applied to the OmniCenter configuration settings of any devices to which that template is applied. If multiple device templates containing authentication credentials are applied to a device, each template applied will overwrite the credentials applied by the previous template. So, the last template containing authentication credentials to be applied to a device will be the one whose credentials are added to the configuration settings of that device.
When discussing authentication credentials, there are two device templates included with OmniCenter that are helpful to know about; these are the “Default” and “Windows Default” device templates. The Default device template is the base device template for applying configuration settings to all devices managed by OmniCenter. The Windows Default device template is for applying configuration settings to all Windows devices managed by OmniCenter. These templates are automatically applied to newly discovered devices when they are added to OmniCenter. (For Windows devices, the Windows Default template is applied at the “device type” hierarchy level, after the Default template is applied.)
The Default and Windows Default templates have their Authentication Credentials section automatically populated by the information provided in the Device Discovery Wizard (SNMP string into the Default template and Windows service account info into the Windows Default template). If more than one SNMP community string is provided, OmniCenter will create additional device templates to store each additional community string after the first. These other templates will be empty except for the Authentication Credentials section. Storing the additional SNMP strings in this way allows them to be used by OmniCenter when it tries to authenticate with newly discovered devices, as mentioned earlier.
Managed Device Configuration
Your final opportunity to provide authentication credentials for your devices comes from the OmniCenter device configuration settings for each device. These configuration settings include an Authentication section, which is directly accessible through the administrative interface of the respective device’s Device Dashboard (in the Main tab). The credentials stored in this section are the credentials actually used by OmniCenter to authenticate with the device when attempting to collect monitoring data.
However, since OmniCenter device configuration settings are usually controlled by device templates, any authentication credentials entered here will likely be overwritten during OmniCenter’s next discovery poll (when device templates are re-applied to their respective devices). So, you will have to turn device template usage completely off for a device if you wish to control its authentication credentials from within its device configuration (not recommended).
The Authentication section of a device’s configuration will initially be automatically populated by, at least, the OmniCenter “Default” device template, and then the “Windows Default” template. Other device templates, applied later in the hierarchy, may overwrite some or all of these initial settings.
Once a device is added to OmniCenter, the authentication credentials stored in that device’s configuration are the only credentials OmniCenter tries to use to collect data from that device.
Sometimes you might find that a device that has been added to OmniCenter doesn’t seem to be reporting correctly, or at all. This can be due to “incorrect” credentials having been added to its device configuration after it was added to OmniCenter (typically, through a misconfigured device template). Remember that OmniCenter will initially authenticate with a device using any credentials it can find, potentially allowing the device to be added to the list of managed devices. But, once added, the device templates applied to that device during automatic configuration may then overwrite its configuration settings with a different set of credentials—ones that won’t allow OmniCenter to properly access the device.
If this happens, you can either change the credentials in the last device template that applies authentication settings to the device, or, if that’s not practical, create a special device template just for that device and apply it at the “device” hierarchy level. However, device-specific templates should only be used as a last resort. Generally, a good device template strategy will avoid this problem. (See Device Templates for more information.)